Multiple Stack-Based Buffer Overflows in GNU C Library
CVE-2014-9761
9.8CRITICAL
Key Information:
- Vendor
- Suse
- Status
- Vendor
- CVE Published:
- 19 April 2016
Summary
The GNU C Library, also known as glibc or libc6, has a vulnerability that allows context-dependent attackers to induce a denial of service or potentially execute arbitrary code. This flaw stems from multiple stack-based buffer overflows triggered by improperly handled long arguments passed to specific functions, including nan, nanf, and nanl. When exploited, these vulnerabilities can lead to application crashes, affecting system reliability and security.
References
CVSS V3.1
Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved